General
-
Target
d432533e5853def44faaccb9fc1d0be70d11cbd222c93e4b344982804c069bae
-
Size
690KB
-
Sample
240430-b2s25shb3x
-
MD5
c2b50e304f1db866914eec7e1ef1c856
-
SHA1
fa7c7bff75e9be34af2fb3ac58df7541f69734c6
-
SHA256
d432533e5853def44faaccb9fc1d0be70d11cbd222c93e4b344982804c069bae
-
SHA512
f069e85d0f011a4112500ccbaa3ca57d89cb46bb20d7ef43ae85c98fc3af226486514dcfefbccd5d6149a968c68d6d204f90709447a4448a409a1da4fdb7469a
-
SSDEEP
12288:o+DbgRB778QeAHiqKkDfIMmBko2mUXECV7ptxViKRaQt7O:JgRBhC2DmUDV9txViKRa
Static task
static1
Behavioral task
behavioral1
Sample
d432533e5853def44faaccb9fc1d0be70d11cbd222c93e4b344982804c069bae.exe
Resource
win7-20231129-en
Behavioral task
behavioral2
Sample
d432533e5853def44faaccb9fc1d0be70d11cbd222c93e4b344982804c069bae.exe
Resource
win10v2004-20240419-en
Malware Config
Extracted
agenttesla
Protocol: smtp- Host:
mail.atarod.org.af - Port:
587 - Username:
[email protected] - Password:
A1tarod@23 - Email To:
[email protected]
Targets
-
-
Target
d432533e5853def44faaccb9fc1d0be70d11cbd222c93e4b344982804c069bae
-
Size
690KB
-
MD5
c2b50e304f1db866914eec7e1ef1c856
-
SHA1
fa7c7bff75e9be34af2fb3ac58df7541f69734c6
-
SHA256
d432533e5853def44faaccb9fc1d0be70d11cbd222c93e4b344982804c069bae
-
SHA512
f069e85d0f011a4112500ccbaa3ca57d89cb46bb20d7ef43ae85c98fc3af226486514dcfefbccd5d6149a968c68d6d204f90709447a4448a409a1da4fdb7469a
-
SSDEEP
12288:o+DbgRB778QeAHiqKkDfIMmBko2mUXECV7ptxViKRaQt7O:JgRBhC2DmUDV9txViKRa
Score10/10-
AgentTesla
Agent Tesla is a remote access tool (RAT) written in visual basic.
-
Suspicious use of SetThreadContext
-